Software Quality Engineering

Software
● Computer software is a collection of data or computer instructions that tell the computer
how to work.
● Software is a set of instructions, data or programs used to operate computers and execute
specific tasks.

Quality
● The degree of excellence of something General excellence of standard.

Engineering
● The branch of science and technology concerned with the design, building, and use of
engines, machines, and structures.

SQA
● Software Quality Engineering is process of designing, testing and building software
products that conform with intended quality.
● Process of implementing quality checks throughout SDLC life cycle.
● It is to make sure that you are applying best practices at every stages of SDLC.
● We focus on whatever we are building is error free.
● SQA is verification activity.
● Focus is on process that is according to some defined or international standards.
● CMM3 companies follow SQA processes and practices.

SDLC
● Requirements > Analysis > Design > Implementation > Testing > Deployment >
Maintenance.
● Quality control (Implementation, Testing, Deployment).

SQA activities carried out during various stages of the Software Development Life Cycle
(SDLC) in a project
 1. Requirements Phase
○ Reviewing and validating requirements for clarity and feasibility.

2. Design Phase
○ Reviewing design documents and architecture for compliance with standards.
○ Ensuring that the design supports the specified requirements.

3. Coding/Implementation Phase
○ Conducting code reviews to identify coding standards violations and defects.
○ Verifying that the code meets specified requirements.

4. Testing Phase
○ Reviewing test results and ensuring they align with expected outcomes.

5. Deployment Phase
○ Verifying that the software is ready for deployment.
○ Monitoring the deployment to identify and address any issues.

6. Maintenance Phase
○ Continuously improving processes based on lessons learned.
○ Managing updates, patches, and addressing reported issues.

Testing
● Evaluating that the requirements are met or not.
● Checking whether implementation is right or not.
● Assessing the given deliverables.
● Evaluating them in order to find bugs.
● Testing starts from very first SDLC phase that is requirements gathering (e.g you start
from checking SRS against errors).
● Testing involves walkthroughs, inspections and several other methods.
● It requires experience & knowledge.
Quality assurance vs Quality control
● QA is proactive approach. QC is reactive approach.
● Quality assurance team is process-oriented, that focuses on preventing quality issues. On
the other hand, the Quality Control Team is product-oriented, that focuses on identifying
and correcting quality issues in manufactured products that can affect customer
satisfaction.
● The goal of QA is to improve development & testing process so that defects do not arise.
The goal of QC is to identify defects after a product is developed and before it's released.
● QA involves defining and improving processes, methodologies, and standards. QC involves
testing, inspection, and evaluation of the software.
● QA is conducting process audits( checking the process is according to what is written)
and establishes process metrics. QC includes activities like code reviews, testing
(functional, performance, security), and defect management.
● QA example (Setting up coding standards and guidelines for developers to follow during
software development).
● QC example (Testing the software application to find and fix any bugs or errors before its
release).

SQA process
● Plan > Do > Check > Act
● Also known as PDCA or Deming cycle.

1. Plan
○ QA master document is prepared.
○ Planning defines the process related to setting objectives required to deliver high
quality product.

2. Do
○ Go as you have planned.

3. Check
○ Monitor & modify the process.
○ Is it right or not?
 ○ Also check whether it meets with objectives or not.

4. Act
○ Act on whatever you have planned to improve the process and achieve objectives.

QA Activities
1. Quality Audit: Evaluating processes and deliverables to ensure they adhere to established
quality standards.
2. Defining Process: Creating clear and structured guidelines for tasks and workflows within
a project.
3. Tool Identification and Selection: Identifying suitable tools and technologies to enhance
and support the QA process.
4. Training of Quality Standards and Processes: Providing education and guidance to team
members on the established quality standards and processes.

QC Activities
1. Walkthroughs: Collaborative and informal review of a document or code to identify issues
and gather feedback.
2. Testing: Systematic process of evaluating a product or system's functionality,
performance, and security.
3. Inspection: Formal examination of a document or code to find defects, usually led by a
trained moderator.
4. Checkpoint Review: Periodic assessment of project progress to find bugs.

Total Quality Management (TQM)

 ● It involves quality management of your product through out the development process.
● Process improvement has high value in company, need to improve it time to time.
● It involves training employees to improve human side of quality.

TQM Implementation/Certifications
– TQM can be implemented using these practices:
1. Six Sigma.
2. Capability Maturity Model (CMMI).
3. ISO 9001:2000
4. Test Maturity Model (TMM).

Six Sigma (not applied in real)

● A quality management technique.
● Targets 99.99% accuracy.
● Only 3.4 defective products are allowed per million.
● Heavily based on statistical measurements, analysis and improvement.
● Errors are removed using mathematical calculations.
● Sigma = Square root [ sum (x - u)^2 / n ]

CMMI
● Any company wanting to implement TQM can use CMMI.
● The most widely known and acclaimed model for technology companies.
● Previous it was CMM.
● CMMI is major release after all CMM models.
● It has 5 levels:
◆ Level 1: Initial level/phase.
◆ Level 2: Repeatable level.
 ◆ Level 2: Repeatable level.
◆ Level 3: Defined level.
◆ Level 4: Managed level.
◆ Level 5: Optimized level.

Level 1 (Initial level)

● At this stage there is no predefined method to develop product.
● No documentation.
● Just start coding without any planning.

Level 2 (Repeatable level)

● Some processes are defined.
● Company has different set of processes that are defined.
● Documents and requirements are written.
● Some processes are repeated who have produced good results.
● These processes are at project level.

Level 3 (Defined level)

● More number of processes are defined and well documented.
● They are not only at project level but also at organization level.
● QA practices are established and followed.
● Eg: Security organizations do-not rely on 3rd party softwares, they use their own
operating system and hardware.
● Organization level processes are also defined, for example (how to use usb in office).
● The purpose is to improve process in organizations.

Level 4 (Managed process)

● Every process is well documented.
● At this level, you have matrices to calculate cost, benefits.
● More processes are documented in order to improve them.

Level 5 (Optimized process)

● Highest level of CMMI.
● At this level, organizations research and come up with new ideas to improve and
 ●
continuously optimize processes and take competitive edge in market.
● Optimized products are developed.
● Very minute changes in new releases.
● When any company audit your company, they certify you.

ISO 9001:2000
● A Quality Management System (QMS) by ISO.
● It is documented process.
● The main objective is to check and review whether organization is following the process as
expected.
● Check whether existing process need improvement or not.
● ISO 9000 helps increase profit of organization.
● provides excellent customer satisfaction.

Test Maturity Model (TMM)

1. Initial level
◆ No quality standard followed.
◆ Not well documented.
2. Definition level
◆ Defined process.
◆ Test cases, strategies and plans are prepared.
3. Integration level
◆ Testing is carried throughout SDLC.
◆ It is nothing but integration with the development activities. E.g V-Model.
4. Management and Measurement level
◆ Review of requirements and design takes at this level.
5. Optimization level
◆ Many preventive techniques are used for testing processes.
◆ Tool support (automation) is used for process improvement and testing
standards.
Week 2

SQA Objectives
● To improve quality.
● To take preventive as well corrective actions to eliminate errors.
● To verify and validate that the product is meeting customer requirements and standards.
● Review of documents developed by development team.
● Development of QA plan (test plan + test cases).
● Implementation of test cases.
● Participating in code and design review.

Software reviews
● A review is way to identify the needs of improvements and identify errors in the product.
● Purpose is to analyze errors in SDLC life cycle of a product.

Check lost for reviews

● Completeness
● Consistency
 ● Ambiguities
● Thoroughness
● Conformance to template.
● Suitability of Architecture and design.

Formal Technical Review (FTR)

● Formal technical reviews are timely reviews, where date and time are set.
● 3-5 people are involved for less than 2 hours.
● Focuses on specific part of a product.
● It is performed to identify and remove defects from the software product.
● The Bottom line: It a staged approach of Formal technical reviews can improve the quality
and very useful for early detection of defects.
● It can be applied to requirements, design, implementation, user document and any other
defined development product.

Purposes of FTR
● Performed early to save the budget due to defects in requirements and design.
● Performed later in order to find bugs from the product and improve testing strategies.
● To uncover errors in code.
● To verify that the software meets its requirement under review.
● To ensure that the software is being developed according to quality standards.

Statistical Quality Assurance

● It is a technique that measures the quality in quantitative fashion.
● To identify the error rate through mathematical calculations.
● It considers various factors such as minor, moderate, major errors.
● It also defines weighing factors for type of errors.
● The total numbers of errors(sum of phase indices) are divided by the line of codes in order
to get error rate.
● This way it can be determined how good a project is.
Week 3

Software Reliability
● It is quantitative measurement of the quality of a software product to find out its
usefulness.
● Software reliability of a software is a probability of providing an error-free operation for a
specified time in a particular environment.
● The level of reliability depends on those inputs which cause failure by the users.

Failure
● When an outcome of a program is not as expected as program gets executed.
● Observed outcome is different from expected outcome.
● A frequently failing system is considered to be highly unreliable.

Fault
● It is a mistake made during software development.
● It can be a block of code that causes error.
● It can lead to incorrect behavior of a software.

Factors influencing software reliability

1. Size and Complexity of Code

◆ The lines of code can determine the reliability of a software.
◆ As the lines of code increase, so does the chance of failure increase.
2. Characteristics of Development Process
◆ Complete development environment can increase system’s reliability like if
sufficient tools are available for the development.
◆ If code reviews techniques are developed, can enhance reliability of product.
3. Education, Experience and Training of Personnel
 ◆ Skilled personnel can produce a reliable piece of product.
4. Operational Environment
◆ The testing engineering must know how a user will operate with the system.
◆ If an engineer is potent enough to determine remaining faults can produce a
reliable product.

The SQA Plan

● The SQA plan provides a road map to assure a software’s quality.
● It is developed by SQA group and the project team.
● It is a template for SQA team where activities of SQA team are defines through out each
product development process.
● The initial section of plan describe the purpose and scope of document and lists out
activities that the team has to conduct.
● The management section of plan describes the organizational roles and responsibilities
related to the software’s quality.
● The documentation section describes design, specifications, technical and user
documents.
● The reviews and audit section of the SQA plan involves formal and informal reviews and
their timings.
● Standards, practices are defined to be followed during the software development.

SQA Group
● Software Quality assurance group has a larger role in an organization to ensure best
development practices.
● The group works to drive process improvements initiatives across organization.
● It involves:
1. Test Engineer
◆ It has administrative responsibilities.
◆ Manages budget, hires personnel, assigns tasks, trains them and reviews
their performance.
◆ He develops a test plan, executes it.
◆ Collects, defines and analyzes metrics and improves test processes.
2. Technical Leader
 ◆ He should have technical knowledge.
◆ Technical leader often collaborates with developers working on a complex
project.
◆ He should also have testing, process and project management skills.
3. Principal Engineer
◆ They are test specialists.
◆ Responsible for test planning, test automation, test tool development,
performance modeling, reliability engineering and business acceptance
testing.
4. Senior Engineer
◆ They design, develop, and execute test cases.
◆ They help developers solving errors.
◆ They participate in test plan review meetings.
5. Junior Engineer
◆ New, inexperienced test engineers are put at junior level.
◆ They gain experience by assisting senior developers.